Software Version 5.0.1 New and Changed Features

WAAS software Version 5.0.1 includes the following new features and changes:

•Cisco AppNav—The Cisco AppNav solution is a combination hardware and software solution that uses the new Cisco AppNav Controller Interface Modules to simplify network integration of WAN optimization and can overcome challenges with provisioning, scalability, asymmetry, and high availability. When equipped with a Cisco AppNav Controller Interface Module, a WAVE appliance can operate in the new AppNav Controller device mode where it intercepts network traffic and distributes that traffic to one or more WAAS nodes for optimization. AppNav greatly reduces dependency on the intercepting switch or router by distributing traffic among WAAS nodes for optimization using a powerful class and policy mechanism that can be configured to optimize traffic based on branch or application affinity.

•Support for three new Cisco AppNav Controller Interface Modules—12xGE copper and 12xGE SFP fiber interface modules are available for WAVE-694/7541/7571/8541 platforms and a 4x10GE SFP+ fiber interface module is available for the WAVE-594 appliance. These interface modules allow WAVE appliance operation in the new AppNav Controller device mode and support both inline and WCCP traffic interception.

•Central Manager—The WAAS Central Manager user interface has been streamlined, supports more browsers, has reorganized and easier to use menu navigation, and makes it easier to switch between devices and groups. The monitoring and reporting facility has improved graphical reports and charts and can monitor individual class maps. A new Reports Central user interface simplifies report management. A new alarm reporting panel makes alarms always accessible with one click.

•SMB Application Accelerator—A new SMB application accelerator optimizes CIFS traffic. This application accelerator supports SMBv1, has added support for native SMBv2 protocols, and optimizes signed SMBv2 traffic. (It does not provide appreciable optimization benefits for signed SMBv1 traffic.) To optimize CIFS traffic, you can choose between the CIFS and SMB application accelerators, which cannot be enabled simultaneously. The SMB accelerator does not yet support prepositioning or the Windows Print accelerator.

Note The encrypted MAPI feature is in extended beta trials. You must contact waas-emapi-cs@external.cisco.com with your Cisco account team on the CC for approvals, before enabling this feature. Only approved customers will be supported for beta evaluations. The encrypted MAPI feature will be made generally available in a following release.

•Data Redundancy Elimination (DRE) Enhancements—DRE is enhanced for better performance and a new feature allows the system to bypass DRE optimization for traffic flows that do not benefit from such optimization.

•WAAS Express Support—Support for interoperability with WAAS Express in Cisco IOS Release 15.2(3)T or later. WAAS Express is enhanced with added support for HTTPS traffic as well as improved performance for file operations.

•WCCP Enhancements—Enhancements include a Layer 2 egress method, a new mode to support AppNav deployments, and faster failure detection options (3 and 6 seconds) on AppNav Controllers. Additionally, WCCP flow protection is disabled by default on new installations (previously, flow protection was enabled by default, with no timeout). The Central Manager now manages WCCP configuration at the device level only; device group settings for WCCP are no longer supported but settings can be copied between devices. Static bypass lists are no longer supported on WAAS devices running WAAS version 5.0.1 or later; interception ACLs provide this functionality. WCCP configuration is simplified and the return method is set the same as the redirect method. The available egress methods also depend on the redirect method.

•Interface Configuration Enhancements—You can now designate a specific interface to handle all management traffic. Standby groups can include port-channel interfaces, and a new src-dst-ip port-channel load balancing method is available. Jumbo maximum transmission unit (MTU) frames are supported. A new bridge group type is introduced to support bridging inline interfaces on an AppNav Controller.

•AAA Enhancements—The AAA accounting facility is enhanced with the ability to enable and disable the accounting of CLI commands that result from Central Manager actions.

•SNMP Enhancements—The CISCO-APPNAV-MIB is provided to allow monitoring of AppNav deployments and the CISCO-WAN-OPTIMIZATION-MIB is enhanced to allow better monitoring of the system and individual application accelerators. Additionally, the obsolete ACTONA-ACTASTOR-MIB is removed.

•WAE-512 and WAE-612 appliances and NME-WAE-302 and NME-WAE-522 modules—These appliances and modules are no longer supported and WAAS version 5.0 and later does not operate on these appliances and modules. Upgrading to WAAS version 5.0 on these devices (or on a device group that contains any of these devices) is not allowed.

•Baseline Groups—Support for baseline groups is removed in WAAS version 5.0.

Standard Image Files

WAAS software Version 5.0.1 includes the following standard primary software image files for use on WAAS appliances and modules:

•waas-universal-5.0.1.x-k9.bin—Universal software image that includes Central Manager, Application Accelerator, and AppNav Controller functionality. You can use this type of software file to upgrade a device operating in any device mode.

•waas-accelerator-5.0.1.x-k9.bin—Application Accelerator software image that includes Application Accelerator and AppNav Controller functionality only. You can use this type of software file to upgrade only an Application Accelerator or AppNav Controller device. This software image file is significantly smaller than the Universal image. Kdump analysis functionality is not included in the Accelerator-only image.

•waas-sre-installer-5.0.1.x-k9.zip—SM-SRE install .zip file that includes all the files necessary to install WAAS on the SM-SRE module.

•waas-kdump-5.0.1.x-k9.bin—Kdump analysis component that you can install and use with the Application Accelerator software image. The Kdump analysis component is intended for troubleshooting specific issues and should be installed following the instructions provided by Cisco TAC.

No Payload Encryption (NPE) Image Files

WAAS software Version 5.0.1 includes NPE primary software image files that have the disk encryption feature disabled. These images are suitable for use in countries where disk encryption is not permitted. NPE primary software image files include the following:

•waas-universal-5.0.1.x-npe-k9.bin—Universal NPE software image that includes Central Manager, Application Accelerator, and AppNav Controller functionality. You can use this type of software file to upgrade a device operating in any device mode.

•waas-accelerator-5.0.1.x-npe-k9.bin—Application Accelerator NPE software image that includes Application Accelerator and AppNav Controller functionality only. You can use this type of software file to upgrade only an Application Accelerator or AppNav Controller device. This software image file is significantly smaller than the Universal image. Kdump analysis functionality is not included in the Accelerator-only image.

•waas-sre-installer-5.0.1.x-npe-k9.zip—SM-SRE install .zip file that includes all the NPE files necessary to install WAAS on the SM-SRE module.

•waas-kdump-5.0.1.x-npe-k9.bin—NPE Kdump analysis component that you can install and use with the Application Accelerator software image. The Kdump analysis component is intended for troubleshooting specific issues and should be installed following the instructions provided by Cisco TAC.

BIOS Update

The latest BIOS is required for AppNav operation with a Cisco AppNav Controller Interface Module in WAVE-594/694/7541/7571/8541 models. WAVE-294 models do not need a BIOS update.

WAAS appliances shipped from the factory with WAAS version 5.0.1 or later have the correct BIOS installed. If you are updating a device that was shipped with an earlier version of WAAS software, you should update the BIOS, unless it was updated previously. WAVE-594/694 models require BIOS version 17A and WAVE-7541/7571/8541 models require BIOS version 11A.

If you install a Cisco AppNav Controller Interface Module in a device that requires a BIOS update, the bios_support_seiom major alarm is raised, "I/O module may not get the best I/O performance with the installed version of the system BIOS firmware."

To determine if a device has the correct BIOS version, use the show hardware command. The following example displays the BIOS version installed on the device, which is the last three digits of the Version value:

The complete update process can take several minutes and the device may appear unresponsive but do not interrupt the process or power cycle the device. After the update is complete, you must reload the device.

After the device reboots, you can verify the firmware version by using the show hardware command.

BMC Firmware Update

IPMI over LAN requires that you install a specific BMC firmware version on the device. The minimum supported BMC firmware versions are as follows:

•WAVE-294/594/694—48a

•WAVE-7541/7571/8541—26a

WAAS appliances shipped from the factory with WAAS version 4.4.5 or later have the correct firmware installed. If you are updating a device that was shipped with an earlier version of WAAS software, you must update the BMC firmware, unless it was updated previously.

To determine if you are running the correct firmware version, use the show bmc info command. The following example displays the latest BMC firmware version installed on the device (48a here):

The update process automatically checks the health status of the BMC firmware. If the system detects that the BMC firmware is corrupted, BMC is recovered during the BMC firmware update procedure. The complete update process can take several minutes. If the device appears unresponsive, do not interrupt the process or power cycle the device. After the update is complete, you must reload the device.

After the device reboots, you can verify the firmware version by using the show bmc info command.

BMC recovery and BMC firmware update restores the factory defaults on the BMC and all the current IPMI over LAN configurations are erased.

If the BMC firmware gets corrupted, a critical alarm is raised.

RAID Controller Firmware Update

We recommend that you upgrade to the latest RAID controller firmware for your hardware platform, which can be found on cisco.com at the Wide Area Application Service (WAAS) Firmware download page (registered customers only). The firmware differs depending on your hardware platform:

The firmware binary image is named waas-raid-fw-installer-12.12.0-0060-k9.bin. Instructions on how to apply the firmware update are posted on cisco.com together with the firmware in the file named M2_0060_FIRMWARE.pdf, which you can see when you mouse over the firmware file.

•WAE-674/7341/7371—Update to the 5.2-0 (17002) RAID Controller Firmware (or later version). You can check your current RAID controller firmware version with the show disk tech-support EXEC command. The Firmware field displays the firmware version.

The firmware binary image is named L4_xxxxx_FIRMWARE.bin. Instructions on how to apply the firmware update are posted on cisco.com together with the firmware in the file named L4_xxxxx_FIRMWARE.pdf, which you can see when you mouse over the firmware file.

Under rare circumstances, the RAID controller firmware used in the WAE-674, WAE-7341, and WAE-7371 appliances can cause the disk storage subsystem to go offline and the affected devices to stop optimizing connections. The symptoms are as follows:

•Syslog output contains several instances of the following message:"WAAS-SYS-3-900000: sd 0:0:0:0: rejecting I/O to offline device."

•A sysreport and running-config file cannot be generated and copied to /local/local1.

Both these symptoms are an indication of the file system becoming read-only during traffic flow.

•An increasing number of pending connections appear in the output of the show statistics tfo command, which indicates that new connections cannot be optimized. You can use this command to proactively check the functionality of the system.

The solution is to upgrade to the 5.2-0 (17002) RAID Controller Firmware (or later version).

Upgrading and Interoperability

Interoperability and Support

Table 1-1 lists the hardware, client, and web browser support for WAAS software version 5.0.1.

Table 1-1 Hardware, CIFS Client, Web Browser Support

Hardware support

The WAAS software operates on these hardware platforms: WAE-674, WAE-7341, WAE-7371, WAVE-274, WAVE-474, WAVE-574, WAVE-294, WAVE-594, WAVE-694, WAVE-7541, WAVE-7571, or WAVE-8541 appliance, or an NME-WAE-502, SM-SRE-700, SM-SRE-710, SM-SRE-900, or SM-SRE-910 network module that is installed in specific Cisco routers. Additionally, Cisco 880 Series, 890 Series, and ISR G2 routers running WAAS Express are supported on the branch side (WAAS version 4.2.1 or later is required on the data center side). You must deploy the WAAS Central Manager on a dedicated device.

The WAAS Central Manager GUI requires Internet Explorer version 8 or 9 (only 8 on Windows XP), Firefox version 4 or later, Chrome version 10 or later, or Safari version 5.x (only on Apple OS X) and the Adobe Flash Player browser plug-in. The WAE Device Manager GUI requires Internet Explorer version 5.5 or later.

If you are using Internet Explorer to access the Central Manager GUI, we strongly recommend that you install the Google Chrome Frame plug-in to provide better performance. When you log into the Central Manager the first time, you are prompted to install Google Chrome Frame. Choose a language, click Get Google Chrome Frame, and follow the prompts to download and install the plug-in. If you do not want to install the plug-in, click the link to continue without installing Google Chrome Frame.

Note When using Internet Explorer, ensure that the Tools > Internet Options > Advanced tab > Do not save encrypted pages to disk check box (under Security) is checked. If this box is unchecked, some charts do not display (CIFS device level charts and version 4.x scheduled reports that have completed).

WAAS Version Interoperability

Consider the following guidelines when operating a WAAS network that mixes Version 5.0.x devices with devices running earlier software versions:

•WAAS Version 5.0.x is not supported running in a mixed version WAAS network where any WAAS device is running a software version earlier than 4.2.1. If you have any WAAS devices running a version earlier than 4.2.1, you must first upgrade them to Version 4.2.1 (or a later version) before you install Version 5.0. Do not upgrade any device to a version later than the existing Central Manager version. After all devices and the Central Manager are running version 4.2.1 or later, you can begin the upgrade to version 5.0.1 on the WAAS Central Manager. Directly upgrading a device from version 4.0 or 4.1 to 5.0 is not supported.

•In a mixed version WAAS network, the WAAS Central Manager must be running the highest version of the WAAS software.

AppNav Interoperability

Consider the following guidelines when deploying the Cisco AppNav solution:

•If you are connecting an AppNav Controller (ANC) to a Catalyst 6500 series switch and you have configured the ANC to use WCCP with the L2 redirect method, do not deploy the ANC on the same subnet as the client computers. This configuration can cause packet loss due to a limitation of the Catalyst 6500 series switch.

•All WAAS nodes in an AppNav deployment must be running WAAS version 5.0 or later.

WAAS Express Interoperability

Consider the following guideline when using WAAS Express devices in your WAAS network:

•When using a WAAS device running version 5.0 and a WAAS Express peer device running Cisco IOS Release 15.2(2)T or earlier, connections originating from the WAAS device and sent to the WAAS Express peer are passed through instead of being optimized. We recommend upgrading to WAAS Express in Cisco IOS Release 15.2(3)T or later to take advantage of the latest enhancements.

WCCP Interoperability and Upgrade

Central Managers running Version 5.0.1x can manage WAEs running software Versions 4.2.1 and later. However, we recommend that all WAEs in a given WCCP service group be running the same version.

Note All WAEs in a WCCP service group must have the same mask, redirect, and return methods. If an upgrade causes these values to change, upgraded WAEs are not able to rejoin the service group until all WAEs in the group are upgraded.

To upgrade the WAEs in your WCCP service group, follow these steps:

Step 1 You must disable WCCP redirection on the Cisco IOS router first. To remove the global WCCP configuration, use the following no ip wccp global configuration commands:

Router(config)# no ip wccp 61

Router(config)# no ip wccp 62

Step 2 Perform the WAAS software upgrade on all WAEs using the WAAS Central Manager GUI.

Step 3 Verify that all WAEs have been upgraded in the Devices pane of the WAAS Central Manager GUI. Choose Devices to view the software version of each WAE.

Step 4 If mask assignment is used for WCCP, ensure that all WAEs in the service group are using the same WCCP mask value.

Step 5 Ensure that all WAEs in the service group are using the same redirect and return methods. If you are upgrading from version 4.x to 5.x, the return method is no longer configurable and is set the same as the redirect method. If you had been using a redirect method of L2 and a return method of GRE, this is no longer supported and the return method is changed to L2 after the upgrade. Ensure that your router software supports L2 return. If it does not, you can change your redirect method to GRE, which causes the return method to change to GRE.

Requirements and Guidelines

When you upgrade to Version 5.0.1x, observe the following guidelines and requirements:

•Upgrading to Version 5.0.1 is supported only from Versions 4.2.1, 4.2.3, 4.2.3b, 4.2.3c, 4.3.1, 4.3.3, 4.3.5a, 4.4.1, 4.4.3, 4.4.3a, 4.4.3b, 4.4.3c, 4.4.5, 4.4.7, and 4.5.1. If you want to upgrade a WAAS device running a different version, first upgrade to the next supported version in the list, and then upgrade to the current 5.0.1 version.

•Upgrading to Version 5.x is not supported on the following platforms: WAE-511, WAE-512, WAE-611, WAE-612, WAE-7326, NME-WAE-302, and NME-WAE-522. WAAS Version 5.x does not operate on these appliances. Upgrading a device group is not allowed if the group contains any of the unsupported devices. If you have a Central Manager running on one of these unsupported platforms, you can migrate it to a supported platform by following the procedure in the "Migrating a Central Manager from an Unsupported Platform" section.

•To take advantage of new features and bug fixes, we recommend that you upgrade your entire deployment to the latest version.

•If you operate a network with devices that have different software versions, the WAAS Central Manager must be the highest version and no WAAS device should be running a version earlier than version 4.2.1.

•Upgrade the WAAS Central Manager devices first, and then upgrade the WAE devices. If you have a standby WAAS Central Manager, upgrade it first, before upgrading the primary WAAS Central Manager. After upgrading, restart any active browser connections to the WAAS Central Manager.

•After upgrading a WAAS Central Manager, you must clear your browser cache, close the browser, and restart the browser before reconnecting to the Central Manager.

•Before upgrading a WAAS Central Manager to Version 5.0.1, make a database backup by using the cms database backup EXEC command. Use the copy disk ftp EXEC command to move the backup file to an external system. In case of any problem during the upgrade, you can restore the database backup that you made before upgrading by using the cms database restorebackup-file EXEC command, where backup-file is the one created by the backup command.

•After upgrading application accelerator WAEs, verify that the proper licenses are installed by using the show license EXEC command. The Transport license is enabled by default. If any of the application accelerators were enabled on the device before the upgrade, you should enable the Enterprise license. Configure any additional licenses (Video and Virtual-Blade) as needed by using the license add EXEC command. For more information on licenses, see the "Managing Software Licenses" section in the Cisco Wide Area Application Services Configuration Guide.

•After upgrading application accelerator WAEs, verify that the proper application accelerators, policies, and class maps are configured. For more information on configuring accelerators, policies, and class maps, see the "Configuring Application Acceleration" chapter in the Cisco Wide Area Application Services Configuration Guide.

•If you are upgrading a WAAS Central Manager from a version earlier than 4.4.1 and have the secure store enabled, you must reopen the secure store after the device reloads (and after any reload). From the WAAS Central Manager GUI, choose Admin > Security > Secure Store or use the cms secure-store open EXEC command. After upgrading, you can change to auto-generated passphrase mode and you will no longer need to manually open the secure store after each reload. For more information on using the secure store, see the "Configuring Secure Store Settings" sectionin the Cisco Wide Area Application Services Configuration Guide.

•If you have two Central Managers that have secure store enabled and you have switched primary and standby roles between the two Central Managers, before upgrading the Central Managers to Version 5.0.1, you must reenter all passwords in the primary Central Manager GUI. The passwords that need to be reentered include user passwords and CIFS file server passwords. If you do not reenter the passwords, after upgrading to Version 5.0.1, the Central Manager fails to send configuration updates to WAEs and the standby Central Manager until after the passwords are reentered.

•If you are upgrading a Central Manager from Version 4.2.3x or earlier, and you have any scheduled reports that are configured for more than 100 recurrences, only 100 recurrences are retained after the upgrade.

•If you use the setup utility for basic configuration after upgrading to 5.0.1, wccp router list 7 is used. Because the setup utility is designed for use on new installations, any existing configuration for wccp router list 7 is replaced with the new configuration.

•If you have disk encryption enabled and are upgrading to Version 5.0.1 NPE from Version 4.2.1 or earlier, disk encryption configuration as well as disk cached data are lost. There is no impact when upgrading to standard Version 5.0.1 (non-NPE).

•After upgrading a Central Manager from Version 4.2.3x or earlier, the AllDevicesGroup device group is renamed to the AllWAASGroup. Additionally, an AllWAASExpressGroup is created for all WAAS Express devices.

•Beginning with Version 4.4.1, application-aware DRE changed the way the DRE cache is populated and managed. When upgrading from Version 4.3.x or earlier, the existing DRE cache is preserved, but all new cache entries are written in a new cache format. The two formats coexist until the old cache is evicted through the normal eviction processes. DRE on a Version 5.x device is compatible with all Version 4.1.x, 4.2.x, 4.3.x, 4.4.x, and 4.5.x peers but is not compatible with 4.0.x peers.

Application policies do not change, but the new "bidirectional" term is introduced, which is the mode used prior to Version 4.4.1.

•After upgrading WAAS accelerator devices from a version earlier than 4.4.1, you may be able to improve DRE disk performance by deleting and recreating disk data partitions by using the disk delete-data-partitions EXEC command. This command deletes the DRE and CIFS caches and all installed virtual blade images. If you want to keep virtual blade images, back them up before using this command by using the copy virtual-blade EXEC command.

After using the disk delete-data-partitions command, you must reload the device and the data partitions are automatically recreated and the caches are initialized, which can take several minutes. DRE optimization is not done until the DRE cache has finished initializing. The show statistics dre EXEC command reports "TFO: Initializing disk cache" until then.

•When upgrading a WAAS accelerator device from a version earlier than 4.4.1, the WCCP load-balancing assignment method is always strictly enforced and must match the farm assignment method or the WAAS device is not allowed to join the farm. Nonstrict assignment method is no longer an option.

When upgrading a Central Manager from a version earlier than 4.4.1, the Only Use Selected Assignment Method check box is no longer available in the device group WCCP Settings window. Any WAEs in a device group that are running a version earlier than 4.4.1 and getting their WCCP settings from the device group will not use strict assignment method enforcement. This does not affect the WCCP farm.

•The method for associating virtual blade interfaces to physical interfaces changed in Version 4.4.1 to use bridge groups and Bridge Virtual Interfaces (BVIs). When upgrading a device with a virtual blade from a version earlier than 4.4.1, any virtual interface configurations are converted to use the new bridging method.

•Legacy mode WAFS is no longer supported in Version 4.4.1 or later and upgrading is prevented if legacy mode WAFS is enabled (edge or core services). Legacy WAFS users must migrate to the transparent CIFS accelerator before upgrading. For details on CIFS migration, see the Cisco Wide Area Application Services Upgrade Guide.

•Legacy mode print services is no longer supported in Version 4.4.1 or later. On upgrading from a version earlier than 4.4.1, legacy print services functionality is removed and users must use the Windows Print accelerator. The print role and print admin privileges are removed from all user accounts, and the functionality of the Central Manager acting as a print repository is removed. Any legacy print services jobs that are spooled are lost if an upgrade is done before the data is printed.

A Version 4.4.1 or later Central Manager can continue to manage earlier version WAEs that have legacy print services enabled, but print services can be configured on these WAEs only through the device CLI. The Central Manager also can display print services alarms from earlier version WAEs that are running legacy print services.

•In WAAS versions before 4.4.5, you were able to configure more memory for virtual blades on a 294-4G platform than was supported for virtual blades. To maintain stability, after upgrading from a version earlier than 4.4.5, all memory allocated to virtual blades on the 294-4G platform is limited to 1 GB. This change affects any existing 294-4G virtual blade configurations.

•Version 5.0 no longer supports device group configuration of the following features: static bypass lists, vPath interception, and WCCP. When you are upgrading to version 5.0 from a previous version, any device group configurations of these features are copied to the individual devices and the device group settings are removed. WCCP settings can be copied between devices.

•The default WCCP return method changed in WAAS version 5.0. If you are upgrading from version 4.x to 5.x, the return method is no longer configurable and is set the same as the redirect method. If you had been using a redirect method of L2 and a return method of GRE, this is no longer supported and the return method is changed to L2 after the upgrade. Ensure that your router software supports L2 return. If it does not, you can change your redirect method to GRE, which sets the return method to GRE.

•The default WCCP egress method changed in WAAS version 5.0 and the redirect method determines the default and available egress methods. For L2 redirect, the default egress method is set to Layer 2 and an alternate option is IP forwarding. For GRE redirect, the default egress method is IP forwarding, and alternate options are WCCP GRE and generic GRE.

•When upgrading from a WAAS version earlier than 5.0, you must rename classifier names that contain a period (.) to remove the period. Classifiers with a period in their name are deleted on an upgrade. Replace periods in classifiers with a hyphen (-) or underscore (_) to prevent deletion.

•When upgrading from a WAAS version earlier than 5.0, pending reports are carried forward. Charts in reports are retained if they are still available; if they are no longer available, they are migrated to new charts. Any duplicated charts (as a result of migration) in a report are removed and all ICA application accelerator reports are removed because they are all new in version 5.0. Custom reports are migrated to new custom reports in a similar way. Completed reports from before the upgrade are shown in the Completed Reports list and maintain their original format.

•When upgrading from a WAAS version earlier than 5.0, classifiers and policies are migrated to new version 5.0 class maps and policy rules. The same functionality is maintained, though the class map and policy framework is different.

•When upgrading a Central Manager from a WAAS version earlier than 5.0, the WAFS application definition is migrated to a new CIFS application, except if a CIFS application already exists, the application name change is not done. If you upgrade a WAE device that is not registered to a Central Manager, the WAFS application is not renamed. Any WAAS device that is still using the WAFS application in a policy rule after an upgrade to version 5.0 raises the following alarm: "WAFS application is configured for optimization. Consider changing the application name to CIFS." To clear the alarm, you can manually change the policy rule to use the CIFS application or restore default policies.

•When upgrading from WAAS version 4.5 to version 5.0, the ICA classifiers are automatically changed from ica and citriximaclient to class maps named Citrix-ICA and Citrix-CGP, respectively. They are also moved to a new application named Citrix. There is no difference in functionality.

The ICA charts in WAAS version 5.0 and later are also different from those used in version 4.5. If you are viewing the data from a version 4.5 WAAS device, the charts appear empty due to the different data that the device is collecting. The ICA data for version 4.5 WAAS devices is available in the system level TCP Summary Report by selecting the Remote-Desktop application.

•When you upgrade from WAAS, version 4.x, you must reconfigure the custom EPM policy for a device or device group. You must first restore the default policy setting by selecting the Restore default Optimization Policies link for the device group in the Modifying Device Group window and then reconfigure your custom policy rules for the device.

Migrating a Central Manager from an Unsupported Platform

If you have a WAAS Central Manager that is running on a hardware platform that is unsupported in version 5.0 (such as a WAE-511/512/611/612/7326), you are not allowed to upgrade the device to version 5.0. You must migrate the Central Manager to a supported platform by following the procedure in this section, which preserves all of the Central Manager configuration and database information.

Follow these steps to migrate a primary Central Manager to a new WAAS device:

Step 1 From the primary Central Manager CLI, create a database backup by using the cms database backup EXEC command. Move the backup file to a separate device by using the copy disk ftp command.

Step 2 Display and write down the IP address and netmask of the Central Manager.

CM# show running-config interface

primary-interface GigabitEthernet 1/0

!

interface GigabitEthernet 1/0

ip address 10.10.10.25 255.255.255.0

exit

interface GigabitEthernet 2/0

shutdown

exit

!

Step 3 Shut down all the interfaces on the primary Central Manager.

CM# configure

CM(config) interface GigabitEthernet 1/0 shutdown

Step 4 Replace the existing Central Manager device with a new hardware platform that can support WAAS version 5.0. Ensure that the new Central Manager device is running the same software version as the old Central Manager.

Step 5 Configure the new Central Manager with the same IP address and netmask as the old Central Manager. You can do this in the setup utility or by using the interface global configuration command.

Step 7 Restore the database backup on the new Central Manager by using the cms database restore command. Use option 1 to restore all CLI configurations.

newCM# cms database restore cms-db-06-28-2012-15-08_5.0.1.0.15.dump

Backup database version is from an earlier version than the current software version.
Restored data will be automatically upgraded when cms services are enabled.

Restoring the backed up data. Secure-Store will be re-initialized.

Successfully migrated key store

***** WARNING : If Central Manager device is reloaded, you must reopen Secure Store with
the correct passphrase. Otherwise Disk encryption, CIFS preposition, SSL, AAA and other
secure store dependent features may not operate properly on WAE(s).*****

Step 9 Verify that the Central Manager GUI is accessible and all WAAS devices are shown in an online state in the Devices window.

Step 10 (Optional) If you have a standby Central Manager that is running on unsupported hardware and is registered to the primary Central Manager, deregister the standby Central Manager.

standbyCM# cms deregister

Step 11 Upgrade the primary Central Manager to WAAS version 5.0.x. You can use the Central Manager Software Update window or the copy ftp install command.

Step 12 Verify that the Central Manager GUI is accessible and all WAAS devices are shown in an online state in the Devices window.

Step 13 (Optional) Register a new standby Central Manager that is running WAAS version 5.0.x.

newstandbyCM# configure

newstandbyCM(config)# device mode central-manager

newstandbyCM(config)# exit

newstandbyCM# reload

...

Wait for the device to reload.

newstandbyCM# configure

newstandbyCM(config)# central-manager role standby

newstandbyCM(config)# central-manager address 10.10.10.25

newstandbyCM(config)# cms enable

Ensuring a Successful RAID Pair Rebuild

RAID pairs rebuild on the next reboot after you use the restore factory-default command, replace or add a hard disk drive, delete disk partitions, or reinstall WAAS from the booted recovery CD-ROM.

Caution You must ensure that all RAID pairs are done rebuilding before you reboot your WAE device. If you reboot while the device is rebuilding, you risk corrupting the file system.

To view the status of the drives and check if the RAID pairs are in "NORMAL OPERATION" or in "REBUILDING" status, use the show disk details command in EXEC mode. When you see that RAID is rebuilding, you must let it complete that rebuild process. This rebuild process may take several hours.

If you do not wait for the RAID pairs to complete the rebuild process before you reboot the device, you may see the following symptoms that could indicate a problem:

•If you have a standby Central Manager, it must be registered to the primary Central Manager before the downgrade.

•When downgrading an AppNav Controller device to a version earlier than 5.0.1 you must deregister the device from the Central Manager, change the device mode to application-accelerator, downgrade the device, and then reregister the device after the downgrade (or you can reregister the device before downgrading). If you do not deregister the device before downgrading, the device goes offline and the device mode is not set correctly. In that case, use the cms deregister force EXEC command to deregister the device and then reregister it by using the cms enable global configuration command.

If the AppNav Controller device contains an AppNav Controller Interface Module, the module is not recognized by WAAS versions earlier than 5.0.1 and is nonfunctional after a downgrade.

•When downgrading from a WAAS NPE version to a version earlier than 4.2.3, the show version last command does not display NPE in the version output.

•If downgrading to Version 4.2.1, you must first change the password for WCCP, SNMP user, RADIUS, TACACS, or transaction log modules before the downgrade if any of the special characters !@#$%\ were used in the password for the module. Otherwise, the related CLI commands for those modules fail.

•Locked-out user accounts are reset upon a downgrade.

•Any reports and charts that are not supported in the downgrade version are removed from managed and scheduled reports when you downgrade to an earlier version. Any pending reports that were carried forward from an upgrade from a version earlier than 5.0 are maintained.

•After downgrading a Central Manager to a version earlier than 4.3.1, the AllWAASGroup device group is renamed to the AllDevicesGroup. Additionally, the AllWAASExpressGroup is removed.

•After downgrading a Central Manager to a version earlier than 4.3.1, all registered WAAS Express devices are deleted from the Central Manager. If the Central Manager is later upgraded to 4.3.1, WAAS Express devices must be registered again.

•When downgrading to a version earlier than 4.4.1, the DRE cache is cleared and the DRE caching mode for all application policies is changed to bidirectional (the only available mode prior to 4.4.1). Before downgrading a WAE, we recommend that you use the Central Manager GUI to change all policies that are using the new Unidirectional or Adaptive caching modes to the Bidirectional caching mode.

•When downgrading a Central Manager to a version earlier than 4.4.1, if the secure store is in auto-passphrase mode, downgrade is not allowed. You must switch to user-passphrase mode before you can downgrade to a software version that does not support auto-passphrase mode.

•Prior to downgrading to a version earlier than 4.4.1, we recommend that you change the WCCP service IDs back to their default values of 61 and 62, and change the failure detection timeout back to the default value of 30 seconds, if you have changed these values. Only these default values are supported in versions prior to 4.4.1 and any other values are lost after the downgrade. If a WAE is registered to a Central Manager, it is configured with the default service IDs of 61 and 62 after it is downgraded and comes back online.

•Current BMC settings are erased and restored to factory-default when you downgrade WAAS to a version earlier than 4.4.5.

Downgrading the database may trigger full updates for registered devices. In the Central Manager GUI, ensure that all previously operational devices come online.

Cisco WAE and WAVE Appliance Boot Process

To monitor the boot process on Cisco WAE and WAVE appliances, connect to the serial console port on the appliance as directed in the Hardware Installation Guide.

Cisco WAE and WAVE appliances may have video connectors that should not be used in a normal operation. The video output is for troubleshooting purposes only during BIOS boot and stops displaying output as soon as the serial port becomes active.

Operating Considerations

This section includes operating considerations that apply to software Version 5.0.1x and contains the following topics:

Central Manager Report Scheduling

In the WAAS Central Manager, we recommend running system wide reports in device groups of 250 devices or less, or scheduling these reports at different time intervals, so multiple system wide reports are not running simultaneously.

WAAS Express Policy Changes

Making policy changes to large numbers of WAAS Express devices from the Central Manager may take longer than making policy changes to WAAS devices.

Virtual Blade Configuration From File

If you copy the device configuration to the running-config from a file (for example, with the copy startup-config running-config command), configuration changes from the file are applied to the device without confirmation. If a virtual blade disk configuration exists in the configuration file and it is different from the actual device configuration, the device virtual blade disk configuration is removed and replaced with the disk configuration from the file. You lose all data on the virtual blade disks.

Using Autoregistration with Port-Channel and Standby Interfaces

Autoregistration is designed to operate on the first network interface and will not work if this interface is part of a port-channel or standby. Do not enable the auto-register global configuration command when the interface is configured as part of a port-channel or standby group.

Disabling WCCP from the Central Manager

If you use the Central Manager to disable WCCP on a WAAS device, the Central Manager immediately shuts down WCCP and closes any existing connections, ignoring the setting configured by the wccp shutdown max-wait global configuration command (however, it warns you). If you want to gracefully shut down WCCP connections, use the no enable WCCP configuration command on the WAAS device.

Changing Device Mode To or From Central Manager Mode

If you change the device mode to or from Central Manager mode, the DRE cache is erased.

TACACS+ Authentication and Default User Roles

If you are using TACACS+ authentication we recommend that you do not assign any roles to the default user ID, which has no roles assigned by default. If you assign any roles to the default user, external users that are authenticated by TACACS+ and who do not have the waas_rbac_groups attribute defined in TACACS+ (meaning they are not assigned to any group) can gain access to all the roles that are assigned to the default user.

Internet Explorer Certificate Request

If you use Internet Explorer to access the Central Manager GUI version 4.3.1 or later and Internet Explorer has personal certificates installed, the browser prompts you to choose a certificate from the list of those installed in the personal certificate store. The certificate request occurs to support WAAS Express registration and is ignored by Internet Explorer if no personal certificates are installed. Click OK or Cancel in the certificate dialog to continue to the Central Manager log in page. To avoid this prompt, remove the installed personal certificates or use a different browser.

Software Version 5.0.1 Resolved and Open Caveats, and Command Changes

This section contains the resolved caveats, open caveats, command changes, and monitoring API changes in software Version 5.0.1 and contains the following topics:

Table 7 lists the modified Monitoring API objects in WAAS version 5.0.1. These changes are backward compatible with existing code that uses the monitoring API.

Table 7 Modified Monitoring APIs

Web Service

Object Name

Description

Events

MonitoredAO

Added attributes isIcaEnabled and isSmbEnabled to monitor the status of the ICA and SMB accelerators

Using Previous Client Code

If you have upgraded to WAAS version 5.0.1 and are using the WSDL2Java tool to generate client stubs that enforce strict binding, earlier version client code (prior to 4.3.1) may return unexpected exceptions due to new elements added in the response structures in 4.3.1 and later releases. The observed symptom is an exception related to an unexpected subelement because of the new element (for example, a deviceName element) in the XML response.

To work around this problem, we recommend that you patch the WSDL2Java tool library to silently consume exceptions if new elements are found in XML responses and then regenerate the client stubs. This approach avoids future problems if the API is enhanced with new elements over time.

You must modify the ADBBeanTemplate.xsl file in the axis2-adb-codegen-version.jar file.

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.